Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS64308.roa
File: AS64308.roa (raw, json)
Hash identifier: m1YGHcr9fyXvAhbiQ+38ecBqcEUcCxjk9MI20riji6I=
Subject key identifier: A6:22:E4:68:6F:DE:53:50:A0:74:30:81:A5:02:95:0B:66:4C:84:C3
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 320FF31A5BFC5BEC8EAAAF6771F9F4A7CB667807
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS64308.roa
Signing time: Thu 06 Feb 2025 10:44:50 +0000
ROA not before: Thu 06 Feb 2025 10:39:50 +0000
ROA not after: Thu 05 Feb 2026 10:44:50 +0000
asID: 64308
IP address blocks: 157.20.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:0f:f3:1a:5b:fc:5b:ec:8e:aa:af:67:71:f9:f4:a7:cb:66:78:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:50 2025 GMT
Not After : Feb 5 10:44:50 2026 GMT
Subject: CN=A622E4686FDE5350A0743081A502950B664C84C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:bc:29:97:84:1f:34:86:59:13:50:ed:c5:
33:2a:b2:f6:80:76:de:25:9e:db:04:31:d6:2c:24:
d6:23:4e:d3:84:c0:47:40:2f:1c:c2:e6:55:f7:8e:
3b:41:76:64:75:3a:05:d8:7e:a5:9c:cb:e5:82:00:
75:e2:09:cc:b8:f7:42:b6:77:30:4f:6b:86:73:7a:
8c:85:be:ae:67:8e:5b:61:c5:60:34:eb:2c:2e:0c:
49:7d:5d:bb:06:fd:2f:16:33:e2:7a:9e:6b:dd:d6:
df:22:e1:7f:5a:be:30:9b:46:1a:ea:5a:1e:b7:68:
18:de:ca:3e:60:2d:ba:40:93:b7:d4:a5:f5:2e:1c:
7e:07:50:19:e9:90:fb:27:b3:5f:9d:88:0a:84:3d:
2d:ff:67:f6:35:6c:31:a4:44:0e:0a:4e:77:f9:c0:
3a:d1:08:fc:80:de:47:ba:8b:6e:26:09:bb:fd:ca:
3b:c2:e0:34:45:e8:d3:65:99:b8:c3:d7:3e:fe:76:
2b:e3:1e:34:6d:97:66:79:c5:90:33:87:8c:27:c2:
2b:e2:3f:2a:7e:d1:4e:c6:44:8b:da:57:28:61:62:
d7:eb:8e:28:3c:fe:04:7e:42:98:3b:d6:fc:55:a7:
66:b4:a4:ea:51:86:11:2b:ad:6f:76:e2:99:86:72:
1c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:22:E4:68:6F:DE:53:50:A0:74:30:81:A5:02:95:0B:66:4C:84:C3
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS64308.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.210.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d5:62:b9:a6:df:f6:16:bf:ee:11:0e:fa:af:47:ad:31:ac:
c1:44:07:e5:ec:73:df:f1:d9:2d:6c:47:33:0d:a6:00:65:ac:
a1:94:4b:c0:17:03:74:ac:6b:72:82:ab:ac:b5:6a:77:d0:b6:
31:a6:cf:e5:3a:31:96:8b:fc:c7:3c:66:f2:6f:2e:8e:27:fe:
0a:63:db:ab:4b:9e:87:fb:44:de:b4:15:78:c8:8c:10:ef:a7:
fb:fc:8a:73:c2:41:ff:f5:2f:6b:fe:15:ee:00:1c:e7:2e:3c:
2d:e1:b1:b8:eb:d6:53:c1:bb:68:3c:3a:d7:d2:dc:60:f3:ec:
cd:0b:9c:81:9e:11:e8:f4:a9:05:f6:91:9c:7f:c6:b2:4e:bc:
db:1f:42:6c:4b:cb:b5:fd:56:bb:d7:e0:70:65:11:f2:19:bf:
36:a7:b9:49:3f:ba:2a:d3:8a:75:0b:ac:09:37:3a:ca:85:a6:
86:31:8b:0c:24:ac:e4:af:f7:ee:2c:8b:b6:4e:6a:56:42:88:
48:bd:97:a4:7d:a5:e5:c8:e5:1f:7b:0f:20:3a:ea:cc:8c:70:
b9:97:d2:2f:30:ee:9b:f6:1c:f8:0a:3b:a7:08:82:7e:85:ef:
7c:bb:2f:21:fd:d8:c0:de:ad:98:50:1f:37:16:52:f3:29:6b:
fa:51:ce:21
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUMg/zGlv8W+yOqq9ncfn0p8tmeAcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MFoX
DTI2MDIwNTEwNDQ1MFowMzExMC8GA1UEAxMoQTYyMkU0Njg2RkRFNTM1MEEwNzQz
MDgxQTUwMjk1MEI2NjRDODRDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3HvCmXhB80hlkTUO3FMyqy9oB23iWe2wQx1iwk1iNO04TAR0AvHMLmVfeO
O0F2ZHU6Bdh+pZzL5YIAdeIJzLj3QrZ3ME9rhnN6jIW+rmeOW2HFYDTrLC4MSX1d
uwb9LxYz4nqea93W3yLhf1q+MJtGGupaHrdoGN7KPmAtukCTt9Sl9S4cfgdQGemQ
+yezX52ICoQ9Lf9n9jVsMaREDgpOd/nAOtEI/IDeR7qLbiYJu/3KO8LgNEXo02WZ
uMPXPv52K+MeNG2XZnnFkDOHjCfCK+I/Kn7RTsZEi9pXKGFi1+uOKDz+BH5CmDvW
/FWnZrSk6lGGESutb3bimYZyHAMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSmIuRo
b95TUKB0MIGlApULZkyEwzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzY0MzA4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAnRTSMA0GCSqGSIb3DQEBCwUAA4IBAQBq1WK5pt/2Fr/uEQ76r0et
MazBRAfl7HPf8dktbEczDaYAZayhlEvAFwN0rGtygqustWp30LYxps/lOjGWi/zH
PGbyby6OJ/4KY9urS56H+0TetBV4yIwQ76f7/IpzwkH/9S9r/hXuABznLjwt4bG4
69ZTwbtoPDrX0txg8+zNC5yBnhHo9KkF9pGcf8ayTrzbH0JsS8u1/Va71+BwZRHy
Gb82p7lJP7oq04p1C6wJNzrKhaaGMYsMJKzkr/fuLIu2TmpWQohIvZekfaXlyOUf
ew8gOurMjHC5l9IvMO6b9hz4CjunCIJ+he98uy8h/djA3q2YUB83FlLzKWv6Uc4h
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:31:46 2025 by rpki-client